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Question: 1 


Which three role definitions can be provided to a user after he or she is assigned an admin role? 
(Choose three.) 


A. Entity Catalog Administrator 
B. Entity Administrator 

C. Entity Authorizer 

D. Entity Reader 

E. Entity Role Authorizer 

F. Entity Viewer 


Answer: A,B,C 


Question: 2 


A user authenticated using Oracle Access Management Console is redirected to the Oracle Identity 
Manager login page to enter his or her credentials. 
Identify two reasons for this (Choose two.) 


A. The Oracle Virtual Directory adapters are not configured correctly. 

B. OAMIDAsserter is not configured correctly in Oracle WebLogic Server. 

C. The security providers for the OIM domain are not configured correctly in Oracle WebLogic Server. 
D. A config issue in oam-config.xml is causing this. 


Answer: C,D 


Question: 3 


Your customer reports duplicate account creation and the status unexpectedly getting changed along 
with various data corruption issues resulting due to duplicate processing. They are using push-based 
connectors to process reconciliation using the processReconciliationEvent API. 

How can you fix this issue? 


A. Check if related batches are in the Ready For Processing statue by using the following 
statement:select rb_batch_status, rb_note from recon_batches whererb_batch_status = 'Ready For 
Processing’ and rj_key = JOB_ID_ON_UI. 

B. Set the reconciliation batch size (batchSize parameter) to O in the reconciliation profile of the 
affected resource object. 

C. Perform reconciliation twice if the size of the data is large. 

D. Modify the field length of these columns from the console and then re-create the recon profile. 
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Answer: B 


Question: 4 


User1 has delegated her UNIX HR production access privileges in OPAM to User2 during her time off. 
User2 has been informed that he would be working on a new project the following week after User1 
left. To keep SOD, he decides to delegate the same privileges to User2. Later, he removes these 
access privileges from his list. 

Now User2 needs the access restored but User1 or even User3 are available. 

How can he claim back those privileges? 


A. Request access through OIM catalog. Because the privilege was originally delegated by User1, the 
request requires Userr1's manager's approval. 

B. Request access through OIM catalog. Because the privilege was originally delegated by User1, the 
request will be automatically approved. 

C. He can't remove a delegated access privilege. He would be ableto reach the targets even if he 
can't see them within his ACL. 

D. The only workaround for a removed delegated privilege is to have it redelegated. 


Answer: B 


Question: 5 


Identify the schema that must be installed during the upgrade process of Oracle Identity manager in 
addition to the existing schemas that are already installed. 


A. ORASDPM schema 

B. Business Intelligence Platform Schema 

C. Metadata Services Schema 

D. Oracle Platform Security Services Schema 


Answer: A 


Question: 6 


You are asked to integrate Oracle Privileged Account Manager-Oracle Identity Manager. As part of 
this process, you must enable Oracle Privileged Account Manager to search the Oracle Identity 
Manager catalog. 

How can you accomplish this task? 


A. by manually creating the OPAM_TAGS and OPAM_CERT_TAGS user-defined fields(UDF) in the 
Oracle Identity Manager catalog 

B. by manually enabling the OPAM _TAGS and OPAM_CERT_TAGS in the Oracle Privileged Account 
Manager Admin Console 

C. by running the. /opamSetup. sh (or. /opamSetup. bat) script with the --TAGS parameter andtheir 
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definitions 
D. by running the. /opamSetup. sh (or. /opamSetup. bat) script with the -opamltResource parameter 
and the TAGS definitions 


Answer: A 


Question: 7 


A customer has built a self-service capability rule that allows users to modify their profiles and also 
makes User Login a denied attribute if the user is a full-time employee and the country is not US 

A. It does this through the following parameter: 

deniedAttribute Equal User Login 

However, the rule is not working. Select the correct statement that applies to this scenario. 

A. Denied attributes must beevaluated in a separate rule. 

B. User Login cannot be included in the denied attributes list. 

C. The correct parameter is deniedAttribute rule User Login. 

D. The correct parameter is deniedAttribute Equal Login. 


Answer: B 


Question: 8 


During an OIM UI customization process, you have a current sandbox (name: IdM_Ulcompany1) 
running in production. You must test the new custom interface developed internally. You imported 
and updated the sandbox (name: IdM_Ulcompany1). After several tests, you found some minor user 
experience issues that were not reported during Q 

A. You Want to roll back to your previous sandbox but you are not able to accomplish that task. 
Identify the correct statement. 

A. Log in to the Weblogic admin console, look for OIM ADF components, delete the new sandbox, 
and restart OIM. 

B. The old sandbox has been stored as IdM_Ulcompany1. backup after the import process. You must 
import the backup file to restore previous configuration. 

C. Any available sandbox with the same name is overwritten by the imported sandbox. 

D. Both sandboxes have been merged and you can't restore the previous configuration. 


Answer: C 


Question: 9 


As part of a customer requirement for a particular test environment, you have disabled workflow 
support for Oracle Identity Manager 11g Release 2 PS3. You need to test some disconnected 
application instances. You realize that manual fulfillment is not working for this type of instance. 
Select the correct statement. 


A. Manual fulfillment tasks for disconnected application instances do not work when workflow is 
turned off. Provisioning operations for disconnected application instances will fail. 
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B. You must allow disconnected application instance support without approval workflow from the 
system administration console. 

C. Disconnected application instances must be re-created without approval workflow support. 

D. Oracle Identity Manager Weblogic instance must be restarted after disabling core functions such 
as approval workflows. 


Answer: A 


Question: 10 


You have deployed a new SOA Composite. As part of one of the customers use cases, they want you 
to allow all users to withdraw their requests made through self-service console. 
Select the correct statement. 


A. A request can be withdrawn during any stage of the process. A request can be withdrawn before 
the Operation Initiated stage. Only admin users are able to withdraw ongoing requests. 

B. Arequest can be withdrawn during any stage of the process. A request can always be withdrawn by 
a requester only, which is done by using Identity Self Service. 

C. A request can be withdrawn before the Operation Initiated stage. A user's managers are the only 
ones able to withdraw employee requests. 

D. A request can be withdrawn before the Operation Initiated stage. Only admin users are able to 
withdraw ongoing requests. 

E. A request can be withdrawn before the Operation Initiated stage. A request can alwaysbe 
withdrawn by a requester only, which is done by using identity Self Service. 


Answer: E 
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